Vincent Pelletier 83e526f2a2 usb: gadget: f_fs: Assorted buffer overflow checks. ... OS descriptor head, when flagged as provided, is accessed without checking if it fits in provided buffer. Verify length before access. Also, there are other places where buffer length it checked after accessing offsets which are potentially past the end. Check buffer length before as well to fail cleanly. Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com> Acked-by: Felipe Balbi <felipe.balbi@linux.intel.com> Cc: stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2017-01-25 12:03:52 +01:00
..
f_acm.c
f_ecm.c
f_eem.c
f_fs.c	usb: gadget: f_fs: Assorted buffer overflow checks.	2017-01-25 12:03:52 +01:00
f_hid.c	usb: gadget: Fix copy/pasted error message	2017-01-03 14:33:59 +02:00
f_loopback.c
f_mass_storage.c
f_mass_storage.h
f_midi.c
f_ncm.c	ktime: Cleanup ktime_set() usage	2016-12-25 17:21:22 +01:00
f_obex.c
f_phonet.c
f_printer.c	idr: add ida_is_empty	2016-12-14 16:04:10 -08:00
f_rndis.c
f_serial.c
f_sourcesink.c
f_subset.c
f_tcm.c
f_uac1.c
f_uac2.c
f_uvc.c
f_uvc.h
g_zero.h
Makefile
ndis.h
rndis.c
rndis.h
storage_common.c
storage_common.h
tcm.h
u_ecm.h
u_eem.h
u_ether.c
u_ether.h
u_ether_configfs.h
u_fs.h
u_gether.h
u_hid.h
u_midi.h
u_ncm.h
u_phonet.h
u_printer.h
u_rndis.h
u_serial.c
u_serial.h
u_tcm.h
u_uac1.c
u_uac1.h
u_uac2.h
u_uvc.h
uvc.h
uvc_configfs.c
uvc_configfs.h
uvc_queue.c
uvc_queue.h
uvc_v4l2.c
uvc_v4l2.h
uvc_video.c
uvc_video.h